John Anthony Smith: Lack Of Multi-factor Authentication Caused Colonial Pipeline Breach

Sunday, June 6, 2021 - by John Anthony Smith
John Anthony Smith
John Anthony Smith

(John Anthony Smith, CEO of the fast-growing Conversant Group on the Southside, advises on Internet security. There have been recent attacks by cyber gangs - first on a U.S. pipeline company, then on a huge beef producer and, mostly recently, a large media group.)

 

Last month, hackers infiltrated Colonial Pipeline’s computer network, which resulted in the massive shutdown of its pipeline.

The pipeline provides nearly one half of the fuel supply for the Southeastern United States. Colonial Pipeline elected to pay a ransom demand of nearly $4 million the same day. The pipeline was shut down for six days, and it resulted in a run on fuel stations throughout the Southeast.

 

In light of upcoming Congressional committee meetings, Colonial Pipeline made Joseph Blount, CEO, and Charles Carmakal, Mandiant senior vice president, available to speak publicly about the causes of the breach.

 

On Friday, Bloomberg reported that a compromised password for an inactive account was used to breach Colonial Pipeline’s network. An unused user account (the user no longer worked for Colonial Pipeline) had not been deactivated, and the account still had access to VPN. The user likely had reused his or her password on non-corporate accounts, which resulted in the user’s password being available on the Darkweb (after compromises of other non-corporate web sites). It isn’t known how the attackers obtained the username; however, it is very easy to obtain usernames via other methods. As an example only (there is no proof of this being used at Colonial Pipeline), Exchange Server Outlook Web Access has error reporting that would allow an attacker to accurately guess a username.

 

The VPN system used to compromise the company’s networks was not protected by multifactor authentication (MFA): at least for the user account that was leveraged in the attack. VPN (virtual private network) is used by many companies to provide remote access to users.

 

On assessment, more than 80 percent of the time, we find externally exposed systems without MFA (including cloud apps), and more than 90 percent of the time, we find poor password/user account hygiene.

 

Defense is always less expensive than recovery: our hand is always extended for either (defense or recovery). Please compute safely.

https://www.bloomberg.com/news/articles/2021-06-04/hackers-breached-colonial-pipeline-using-compromised-password

* * *

John Anthony Smith can be reached at:

423-305-7890

 

 

 

 

John.Smith@conversantgroup.com

1513 Cowart Street

Chattanooga, TN 37408


 


Police Blotter: Man Retrieves His Stolen Tools From Thief; Lottery Tickets Stolen At 7-11

Latest Hamilton County Arrest Report

Chattanooga-Based Rent My Equipment Site Aims To Be "The Airbnb Of Equipment Rental"


A man on Lynnbrook Avenue said his brother saw via a security camera an older white male stealing tools from the back of the man’s vehicle. The man confronted the suspect and he took off in a ... (click for more)

Here is the latest Hamilton County arrest report: AMERINE, NATHANIEL RAYMOND 7307 FAYE AVE CHATTANOOGA, 37421 Age at Arrest: 37 years old Arresting Agency: Hamilton County Booked for ... (click for more)

Chattanoogan Mark Williams began looking around in his garage at all the tools, equipment, and sporting goods that he had collected over several years and began searching for an app that would ... (click for more)



Breaking News

Police Blotter: Man Retrieves His Stolen Tools From Thief; Lottery Tickets Stolen At 7-11

A man on Lynnbrook Avenue said his brother saw via a security camera an older white male stealing tools from the back of the man’s vehicle. The man confronted the suspect and he took off in a green Ford F150 with his tools. The man was able to locate the suspect a short while later. He said when he confronted the suspect again, the suspect returned his tools. The man does not wish ... (click for more)

Latest Hamilton County Arrest Report

Here is the latest Hamilton County arrest report: AMERINE, NATHANIEL RAYMOND 7307 FAYE AVE CHATTANOOGA, 37421 Age at Arrest: 37 years old Arresting Agency: Hamilton County Booked for Previous Charges or Other Reason(s) ARCHER, JADEN STORM 6655 SANDALWOOD CIRCLE HARRISON, 37341 Age at Arrest: 43 years old Arresting Agency: Hamilton County FAILURE TO APPEAR ... (click for more)

Opinion

Great Service From The Hamilton County Health Department Hotline

My wife woke up this morning and thought she might have COVID. We called the Hamilton County Heath Department hotline and someone answered on the third ring. Not a voice mail, a real person. She told us they they were already out of their supply for rapid testing but recommended two pharmacies, one on Highway 58 and one on Hixson Pike. We chose the one on 58. A pharmacist ... (click for more)

I Remember Chattanooga’s First March For Life

This Saturday, Jan. 22, 2022, Greater Chattanooga Right to Life will hold its March for Life assembling at 10:30 a.m. at the Coolidge Park Pavilion. I hope you will attend. I remember the first March for Life in Chattanooga held 35 years ago on Jan. 22, 1987. The march consisted of 14 people: Dan Martino, Doyle Ratterree and his wife who was carrying their infant daughter in ... (click for more)

Sports

Chattanooga Women Host UNC Greensboro Saturday

The Chattanooga women’s basketball team will look to keep the excitement going Saturday afternoon against UNC Greensboro at The McKenzie Arena. Chattanooga is riding a three-game win streak and sitting third in the Southern Conference standings after claiming its 900th program win against Western Carolina on Thursday. The Mocs are 5-14 overall and 3-1 in league play. UNCG is ... (click for more)

John Shearer: Retiring Mark Guhne Looks Back With Fondness On UTC Golf Coaching Career

Mark Guhne did construction work building houses for nearly 20 years before he realized he wanted to build something else – a college golf program. After being hired as the UTC men’s golf coach in a rather unusual manner, he went on to lead the Mocs through probably their most successful period in history in terms of being able to compete with bigger schools and reach the ... (click for more)